Most of my consulting projects are delivered in the public sectors: higher education, central services, municipal and, a few years ago, in the health department. Until recently, my projects have involved implementing systems to deliver identity and access management — usually on a deadline, usually for a specific application or set of applications.
But I have also had the opportunity to work on more conceptual projects including defining an IdM strategy for a government department. Starting in the next few weeks, my team will begin architecting and designing federated and user-centric identity solutions.
The first thing we are working through are use cases that will help drive out solution designs. We already know what the technologies are capable of and we have selected the products we need to conduct the proofs-of-concept. But what are we going to do with this technology?
If we break down the emerging identity model into Identity Providers, Service Providers and Users, we can define actions in our use cases by these actors. This post starts the discussion with what makes a good Identity Provider (IdP). Specifically, the discussion is around the Citizen to Government context.
Who should act as an IdP? I believe that there are actually a limited number of government organizations that can fulfill this role. While many government departments (and divisions and branches within those departments) might maintain citizen information, only a few actually maintain citizen registries. And it is these registries — legislated databases of citizen information that are highly secured and carefully maintained — that are ideally suited to supporting an IdP implementation.
Why? Because citizen registries matter. These databases are consistently used for identification to support both real-world and electronic transactions. A registry of citizens is used to support eligibility for health services in a province. A registry of drivers allows for issuance of drivers licenses and enforcement of road use laws. Student registries ensure that the right student gets credit for exam results, course marks and certifications. The tax department keeps a reliable registry of citizen tax payers.
In my home province there are also registries for seniors, land titles, vital statistics, children/youth, and a perhaps few others — but that’s about it. Federally we have citizen registries for taxation, family benefits, veterans, guns (well… the people that own them), and others.
The point to all this is that there are a finite number of authoritative sources of citizen identity information. It therefore makes sense to leverage these databases for purposes of building reliable identity provider services.
I would even take it a step further — it makes very little sense to build a citizen IdP that is not built on a government registry. Why? Because the legislative authority to build a registry — and the effort to maintain it over time — are not trivial things. Therefore, government departments that contain registries take the job seriously. Registries are secured, monitored and carefully updated. They often contain key identity attributes such as legal name, date of birth and residential address. Registries are subject to review by provincial and national privacy commissioners. Some registries contain some unique information as well, such as relationships: parent to student, husband to wife, driver to vehicle.
In the event of problems, bodies that manage registries have processes for citizens to correct information to contained in these databases. Most of us care very much if a registry does not have our correct information. Errors can lead to late payments, loss of hard-earned certifications or denial of critical services. For example, if the tax department mis-spells our name, it is difficult to cash our refund cheque and we’ll be certain to correct them at the first opportunity.
To further bring this point home, consider the municipal property tax role. The city maintains this database and it is important to them that the rate payer be linked to correct property. They want to know who to contact if taxes are in arrears or if a ticket needs to be issued for icy sidewalks. But municipalities don’t deliver most of the type of life-sustaining or entitlement services that truly matter to us. Cities and towns also don’t have a business need to record useful identity information like date of birth or gender. If my city tax assessment arrived and my name was spelled incorrectly, I would probably ask that it be changed, but there would be limited consequences if I didn’t. For these reasons, the city’s tax role would make a poor choice as an IdP.
But a municipal government still needs to deliver services based on citizen entitlements, and identification can play an important role in electronic service delivery. So if my city’s own databases are poor choices, where should they turn? To a higher level of government, namely a provincial or federal IdP based on a robust registry. By establishing an agreement with one or more registry-based IdPs, my city can focus on delivery services — acting as a Service Provider — and leave the more difficult identification and authentication of citizens to an IdP.
Finally, the idea of using registries is aligned with the Pan-Candian Identity Management and Authentication Framework. While use of registries is not specifically prescribed, the concepts presented in the Identity Component — identity context, identity lifecyle, identity assurance levels and identity relationships — seem to map well when considering registries as ‘sources of truth’ for identity.
There will be a proliference of IdP services established over the next decade so the quality of identity proofing — especially for establishing credentials that are use in higher value transactions — is critical. Establishing Identity Providers that are based on government registries will be key to the success of future identity management and electronic service delivery initiatives.